North Dakota Data Privacy: A Plain-Language Overview
No comprehensive consumer privacy law (as of 2026)
Status: The state has not enacted a general consumer data privacy law, but general consumer protection and data breach notification requirements remain in effect.
North Dakota does not have a comprehensive consumer data privacy law regulating the commercial collection and sale of personal data. Instead, the state relies on general consumer protection statutes against unfair or deceptive trade practices and specific sectoral laws (such as those governing data breaches or insurance). Businesses operating in the state must still adhere to existing federal regulations and North Dakota's data security requirements.
Consumer rights
No comprehensive statutory consumer privacy rights specific to this state as of 2026; general consumer-protection rules may still apply.
Who it generally applies to
N/A—without a comprehensive privacy law, there are no broad thresholds based on revenue or data volume defining 'controllers' or 'processors' under state privacy statutes. However, data breach notification laws apply to entities handling North Dakota resident data.
What this means for B2B outreach
Without a comprehensive privacy framework, there are no state-level consent requirements or opt-out mechanisms specifically for B2B contact data or commercial email beyond federal standards (like CAN-SPAM). General consumer protection laws govern unfair trade practices involving businesses.
Authoritative source: North Dakota Office of Attorney General. Always confirm current requirements there.
Marketing that respects privacy by design
We run permission-based, compliance-minded campaigns with real opt-out handling.
Talk to us